From d2ee382f92fb99341766d7948d97675e0e1c3823 Mon Sep 17 00:00:00 2001
From: Stavros
Date: Fri, 7 Feb 2025 20:03:24 +0200
Subject: [PATCH] fix: return json errors when authorization header is present

---
 internal/api/api.go | 31 +++++++++++++++++++++++++++++++
 internal/hooks/hooks.go | 6 +++---
 2 files changed, 34 insertions(+), 3 deletions(-)

diff --git a/internal/api/api.go b/internal/api/api.go
index 3cca65c..08a9814 100644
--- a/internal/api/api.go
+++ b/internal/api/api.go
@@ -127,6 +127,14 @@ func (api *API) SetupRoutes() {
 })
 return
 default:
+ if c.GetHeader("Authorization") != "" {
+ log.Error().Err(appAllowedErr).Msg("Failed to check if resource is allowed")
+ c.JSON(501, gin.H{
+ "status": 501,
+ "message": "Internal Server Error",
+ })
+ return
+ }
 if api.handleError(c, "Failed to check if resource is allowed", appAllowedErr) {
 return
 }
@@ -153,6 +161,14 @@ func (api *API) SetupRoutes() {
 })
 return
 default:
+ if c.GetHeader("Authorization") != "" {
+ log.Error().Err(appAllowedErr).Msg("Failed to build query")
+ c.JSON(501, gin.H{
+ "status": 501,
+ "message": "Internal Server Error",
+ })
+ return
+ }
 if api.handleError(c, "Failed to build query", queryErr) {
 return
 }
@@ -167,6 +183,13 @@ func (api *API) SetupRoutes() {
 })
 return
 default:
+ if c.GetHeader("Authorization") != "" {
+ c.JSON(401, gin.H{
+ "status": 401,
+ "message": "Unauthorized",
+ })
+ return
+ }
 c.Redirect(http.StatusTemporaryRedirect, fmt.Sprintf("%s/unauthorized?%s", api.Config.AppURL, queries.Encode()))
 return
 }
@@ -187,6 +210,14 @@ func (api *API) SetupRoutes() {
 })
 return
 default:
+ if c.GetHeader("Authorization") != "" {
+ c.JSON(401, gin.H{
+ "status": 401,
+ "message": "Unauthorized",
+ })
+ return
+ }
+
 queries, queryErr := query.Values(types.LoginQuery{
 RedirectURI: fmt.Sprintf("%s://%s%s", proto, host, uri),
 })
diff --git a/internal/hooks/hooks.go b/internal/hooks/hooks.go
index a52f3fe..88869bf 100644
--- a/internal/hooks/hooks.go
+++ b/internal/hooks/hooks.go
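Review bot: The new JSON branch in the first hunk answers with status 501 while its body says "Internal Server Error"; 501 means Not Implemented, and an internal failure while checking whether the resource is allowed is a 500. Since `net/http` is already in scope (`http.StatusTemporaryRedirect` is used further down), write `c.JSON(http.StatusInternalServerError, gin.H{"status": http.StatusInternalServerError, "message": "Internal Server Error"})`. An API client that honours 501 may conclude the endpoint is unsupported and stop retrying, whereas 500 signals a server-side fault. The surrounding `SetupRoutes` body starts before and ends after this hunk, so whether `api.handleError` could absorb the header check instead of duplicating it here cannot be judged from the diff.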
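Review bot: In the second hunk the log call reports `appAllowedErr`, but the branch is handling the query-build failure — the non-JSON path on the very next line passes `queryErr`, so the wrong error (most likely nil, since the allowed check already passed at this point) ends up in the log. Change it to `log.Error().Err(queryErr).Msg("Failed to build query")`. The same 501-versus-"Internal Server Error" mismatch as in the first hunk applies here and should be 500. The enclosing function continues outside the hunk.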
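Review bot: The third hunk returns 401 Unauthorized from the branch whose browser equivalent redirects to `/unauthorized`; if that branch is reached for a user who is authenticated but not permitted for this resource (inferred from the redirect target and from the separate login redirect in the next hunk — please confirm), 403 is the accurate status, because 401 tells an API client its credentials are missing or invalid and invites a retry with the same ones. That would be `c.JSON(http.StatusForbidden, gin.H{"status": 403, "message": "Forbidden"})`. Note also that the `queries` value built just above is no longer used on the JSON path, so its construction could move below this check. The enclosing function is cut at both edges of the hunk.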
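Review bot: The 401 in the fourth hunk is sent to a client that presented an `Authorization` header but has no valid session, yet it carries no `WWW-Authenticate` header; RFC 7235 requires one on a 401, and Basic-auth clients (which this commit starts labelling as provider "basic" in hooks.go) use it to learn which scheme to retry with. Add `c.Header("WWW-Authenticate", `Basic realm="tinyauth"`)` (realm text is the project's choice) before the `c.JSON` call. Separately, the `c.GetHeader("Authorization") != ""` test is now repeated in four branches of this function; a small `wantsJSON(c *gin.Context) bool` helper would keep them in step if the condition ever changes (for example to also honour `Accept: application/json`). The function body continues past the hunk.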
@@ -23,7 +23,7 @@ type Hooks struct { func (hooks *Hooks) UseUserContext(c *gin.Context) types.UserContext { cookie := hooks.Auth.GetSessionCookie(c) - basic := hooks.Auth.GetBasicAuth(c) // TODO: return json instead of redirect when basic auth + basic := hooks.Auth.GetBasicAuth(c) if basic.Username != "" { log.Debug().Msg("Got basic auth") @@ -33,7 +33,7 @@ func (hooks *Hooks) UseUserContext(c *gin.Context) types.UserContext { Username: basic.Username, IsLoggedIn: true, OAuth: false, - Provider: "", + Provider: "basic", } } @@ -47,7 +47,7 @@ func (hooks *Hooks) UseUserContext(c *gin.Context) types.UserContext { Username: cookie.Username, IsLoggedIn: true, OAuth: false, - Provider: "", + Provider: "username", } } }
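Review bot: `Provider` now carries the load-bearing literals "basic" and "username" in two separate hunks, with nothing in the diff recording the set of accepted values or where they are compared; defining them once, e.g. `const ( ProviderBasic = "basic"; ProviderUsername = "username" )` alongside `types.UserContext`, lets consumers match on the constants instead of retyping the strings. The removed TODO in the first hunk is addressed by the api.go part of this same commit. `UseUserContext` begins inside the first hunk and ends outside the last, so any other assignment of `Provider` in that function is not visible here.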